*
* *
***************************************************************************/
/***************************************************************************
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; *
* *
***************************************************************************/
// this page shows the image full size
// (or resized to the max size the user has chosen)
// and two thumbnail : previous and next picture of your gallery
//----------------------------------------------------------- personnal include
include_once( './include/init.inc.php' );
//-------------------------------------------------- access authorization check
check_cat_id( $_GET['cat'] );
check_login_authorization();
if ( isset( $page['cat'] ) && is_numeric( $page['cat'] ) )
{
check_restrictions( $page['cat'] );
}
//---------------------------------------- incrementation of the number of hits
$query = 'update '.PREFIX_TABLE.'images';
$query.= ' set hit=hit+1';
$query.= ' where id='.$_GET['image_id'];
$query.= ';';
@mysql_query( $query );
//-------------------------------------------------------------- initialization
initialize_category( 'picture' );
$cat_directory = $page['cat_dir']; // by default
//------------------------------------- main picture information initialization
$query = 'select id,date_available,comment,hit';
$query.= ',author,name,file,date_creation,filesize,width,height,cat_id';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= ' and id = '.$_GET['image_id'];
$query.= $conf['order_by'];
$query.= ';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
$page['id'] = $row['id'];
$page['file'] = $row['file'];
$page['name'] = $row['name'];
$page['date_available'] = $row['date_available'];
$page['comment'] = $row['comment'];
$page['hit'] = $row['hit'];
$page['author'] = $row['author'];
$page['date_creation'] = $row['date_creation'];
$page['filesize'] = $row['filesize'];
$page['width'] = $row['width'];
$page['height'] = $row['height'];
$page['cat_id'] = $row['cat_id'];
// retrieving the number of the picture in its category (in order)
$query = 'select id';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ';';
$result = mysql_query( $query );
$page['num'] = 0;
$row = mysql_fetch_array( $result );
while ( $row['id'] != $page['id'] )
{
$page['num']++;
$row = mysql_fetch_array( $result );
}
//--------------------------------------------------------- favorite management
if ( isset( $_GET['add_fav'] ) )
{
if ( $_GET['add_fav'] == 1 )
{
// verify if the picture is already in the favorite of the user
$query = 'select count(*) as nb_fav';
$query.= ' from '.PREFIX_TABLE.'favorites';
$query.= ' where image_id = '.$page['id'];
$query.= ' and user_id = '.$user['id'];
$query.= ';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
if ( $row['nb_fav'] == 0 )
{
$query = 'insert into '.PREFIX_TABLE.'favorites';
$query.= ' (image_id,user_id) values';
$query.= ' ('.$page['id'].','.$user['id'].')';
$query.= ';';
$result = mysql_query( $query );
}
}
if ( $_GET['add_fav'] == 0 )
{
$query = 'delete from '.PREFIX_TABLE.'favorites';
$query.= ' where user_id = '.$user['id'];
$query.= ' and image_id = '.$page['id'];
$query.= ';';
$result = mysql_query( $query );
$page['cat_nb_images'] = $page['cat_nb_images'] - 1;
if ( $page['cat_nb_images'] <= 0 )
{
// there is no favorite picture anymore
// we redirect the user to the category page
$url = add_session_id( 'category.php' );
header( 'Request-URI: '.$url );
header( 'Content-Location: '.$url );
header( 'Location: '.$url );
exit();
}
// redirection of the user to the picture.php page
// with the right picture
$page['num'] = $page['num'] - 1;
if ( $page['num'] == -1 )
{
$page['num'] = 0;
}
$query = 'select id';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ' limit '.$page['num'].',1';
$query.= ';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
$redirect = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
$redirect.= '&expand='.$_GET['expand'];
if ( $page['cat'] == 'search' )
{
$redirect.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
}
$url = add_session_id( $redirect, true );
header( 'Request-URI: '.$url );
header( 'Content-Location: '.$url );
header( 'Location: '.$url );
exit();
}
}
//----------------------------------------------------- template initialization
$vtp = new VTemplate;
$handle = $vtp->Open( './template/default/picture.vtp' );
// language
$vtp->setGlobalVar( $handle, 'back', $lang['back'] );
$vtp->setGlobalVar( $handle, 'submit', $lang['submit'] );
$vtp->setGlobalVar( $handle, 'comments_title', $lang['comments_title'] );
$vtp->setGlobalVar( $handle, 'comments_del', $lang['comments_del'] );
$vtp->setGlobalVar( $handle, 'delete', $lang['delete'] );
$vtp->setGlobalVar( $handle, 'comments_add', $lang['comments_add'] );
$vtp->setGlobalVar( $handle, 'author', $lang['author'] );
// user
$vtp->setGlobalVar( $handle, 'page_style', $user['style'] );
$vtp->setGlobalVar( $handle, 'text_color', $user['couleur_text'] );
// structure
$vtp->setGlobalVar( $handle, 'frame_start', get_frame_start() );
$vtp->setGlobalVar( $handle, 'frame_begin', get_frame_begin() );
$vtp->setGlobalVar( $handle, 'frame_end', get_frame_end() );
//------------------------------------------------------------------ page title
if ( $page['name'] != "" )
{
$vtp->setGlobalVar( $handle, 'page_title', $page['name'] );
}
else
{
$vtp->setGlobalVar( $handle, 'page_title', $page['file'] );
}
//-------------------------------------------------- previous picture thumbnail
if ( $page['num'] >= 1 )
{
$prev = $page['num'] - 1;
$query = 'select id,name,file,tn_ext,cat_id';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ' limit '.$prev.',1';
$query.= ';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
if ( !is_numeric( $page['cat'] ) )
{
if ( $array_cat_directories[$row['cat_id']] == '' )
{
$cat_result = get_cat_info( $row['cat_id'] );
$array_cat_directories[$row['cat_id']] = $cat_result['dir'];
}
$cat_directory = $array_cat_directories[$row['cat_id']];
}
$file = substr ( $row['file'], 0, strrpos ( $row['file'], '.' ) );
$lien_thumbnail = $cat_directory.'/thumbnail/';
$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
$prev_title = $lang['previous_image'].' : ';
$alt_thumbnaill = '';
if ( $row['name'] != "" )
{
$alt_thumbnail = $row['name'];
}
else
{
$alt_thumbnail = $file;
}
$prev_title.= $alt_thumbnail;
$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
$url_link.= '&expand='.$_GET['expand'];
if ( $page['cat'] == 'search' )
{
$url_link.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
}
// sending vars for display
$vtp->addSession( $handle, 'previous' );
$vtp->setGlobalVar( $handle, 'previous.url', add_session_id( $url_link ) );
$vtp->setGlobalVar( $handle, 'previous.title', $prev_title );
$vtp->setGlobalVar( $handle, 'previous.src', $lien_thumbnail );
$vtp->setGlobalVar( $handle, 'previous.alt', $alt_thumbnail );
$vtp->closeSession( $handle, 'previous' );
}
else
{
$vtp->addSession( $handle, 'previous_empty' );
$vtp->closeSession( $handle, 'previous_empty' );
}
//-------------------------------------------------------- main picture display
if ( is_numeric( $page['cat'] ) )
{
$intitule_cat = get_cat_display_name( $page['cat_name'], " - ",
"font-style:italic;" );
}
else
{
$cat_result = get_cat_info( $page['cat_id'] );
if ( $array_cat_directories[$page['cat_id']] == "" )
{
$array_cat_directories[$page['cat_id']] = $cat_result['dir'];
}
$cat_directory = $array_cat_directories[$page['cat_id']];
$intitule_cat = $page['title'];
}
$n = $page['num'] + 1;
$intitule_titre = replace_space( $intitule_cat." - " ).$n.'/'.
$intitule_titre.= $page['cat_nb_images']."
";
if ( $page['name'] != "" )
{
$intitule_file = $page['name'];
}
else
{
$intitule_file = str_replace( "_", " ",
substr( $page['file'], 0,
strrpos ( $page['file'], ".") ) );
}
if ( $page['cat'] == 'search' )
{
$intitule_file = replace_search( $intitule_file, $_GET['search'] );
}
$vtp->setGlobalVar( $handle, 'title', $intitule_titre.$intitule_file );
$lien_image = $cat_directory.$page['file'];
// calcul de la largeur et de la hauteur
if ( $page['width'] == "" )
{
$taille_image = @getimagesize( $lien_image );
$original_width = $taille_image[0];
$original_height = $taille_image[1];
}
else
{
$original_width = $page['width'];
$original_height = $page['height'];
}
$picture_size = get_picture_size( $original_width, $original_height,
$user['maxwidth'], $user['maxheight'] );
$final_width = $picture_size[0];
$final_height = $picture_size[1];
$url_link = './category.php?cat='.$page['cat'].'&';
$url_link.= 'num='.$page['num'].'&expand='.$_GET['expand'];
if ( $page['cat'] == 'search' )
{
$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
}
$vtp->setGlobalVar( $handle, 'picture_link', add_session_id( $url_link ) );
$vtp->setGlobalVar( $handle, 'picture_width', $final_width );
$vtp->setGlobalVar( $handle, 'picture_height', $final_height );
$vtp->setGlobalVar( $handle, 'picture_border_color', $user['couleur_text'] );
$vtp->setGlobalVar( $handle, 'picture_src', $lien_image );
$vtp->setGlobalVar( $handle, 'picture_alt', $page['file'] );
if ( $page['comment'] != '' )
{
if ( $page['cat'] == 'search' )
{
$picture_comment = replace_search( $page['comment'], $_GET['search'] );
$vtp->setGlobalVar( $handle, 'picture_comment', $picture_comment );
}
else
{
$vtp->setGlobalVar( $handle, 'picture_comment', $page['comment'] );
}
}
//--------------------------------------------------------- picture information
// author
if ( $page['author'] != "" )
{
$vtp->addSession( $handle, 'info_line' );
$vtp->setVar( $handle, 'info_line.name', $lang['author'].' : ' );
$vtp->setVar( $handle, 'info_line.content', $page['author'] );
$vtp->closeSession( $handle, 'info_line' );
}
// creation date
if ( $page['date_creation'] != "" )
{
$vtp->addSession( $handle, 'info_line' );
$vtp->setVar( $handle, 'info_line.name', $lang['creation_date'].' : ' );
$tab_date = explode( '-', $page['date_creation'] );
$vtp->setVar( $handle, 'info_line.content',
$tab_date[2].'/'.$tab_date[1].'/'.$tab_date[0] );
$vtp->closeSession( $handle, 'info_line' );
}
// date of availability
$vtp->addSession( $handle, 'info_line' );
$vtp->setVar( $handle, 'info_line.name', $lang['registration_date'].' : ' );
$tab_date = explode( '-', $page['date_available'] );
$vtp->setVar( $handle, 'info_line.content',
$tab_date[2].'/'.$tab_date[1].'/'.$tab_date[0] );
$vtp->closeSession( $handle, 'info_line' );
// size in pixels
$vtp->addSession( $handle, 'info_line' );
$vtp->setVar( $handle, 'info_line.name', $lang['size'].' : ' );
if ( $original_width != $final_width || $original_height != $final_height )
{
$content = '[ ';
$content.= $original_width.'*'.$original_height.' ]';
$vtp->setVar( $handle, 'info_line.content', $content );
}
else
{
$content = $original_width.'*'.$original_height;
$vtp->setVar( $handle, 'info_line.content', $content );
}
$vtp->closeSession( $handle, 'info_line' );
// file
$vtp->addSession( $handle, 'info_line' );
$vtp->setVar( $handle, 'info_line.name', $lang['file'].' : ' );
if ( $page['cat'] == 'search' )
{
$content = replace_search( $page['file'], $_GET['search'] );
$vtp->setVar( $handle, 'info_line.content', $content );
}
else
{
$vtp->setVar( $handle, 'info_line.content', $page['file'] );
}
$vtp->closeSession( $handle, 'info_line' );
// filesize
if ( $page['filesize'] == "" )
{
$poids = floor ( filesize( $lien_image ) / 1024 );
}
else
{
$poids = $page['filesize'];
}
$vtp->addSession( $handle, 'info_line' );
$vtp->setVar( $handle, 'info_line.name', $lang['filesize'].' : ' );
$vtp->setVar( $handle, 'info_line.content', $poids.' KB' );
$vtp->closeSession( $handle, 'info_line' );
// number of visits
$vtp->addSession( $handle, 'info_line' );
$vtp->setVar( $handle, 'info_line.name', $lang['visited'].' : ' );
$vtp->setVar( $handle, 'info_line.content', $page['hit'].' '.$lang['times'] );
$vtp->closeSession( $handle, 'info_line' );
//------------------------------------------------------- favorite manipulation
if ( $page['cat'] != 'fav' && !$user['is_the_guest'] )
{
$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
$url.= '&expand='.$_GET['expand'].'&add_fav=1';
if ( $page['cat'] == 'search' )
{
$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
}
$vtp->addSession( $handle, 'favorite' );
$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
$vtp->setVar( $handle, 'favorite.title', $lang['add_favorites_hint'] );
$vtp->setVar( $handle, 'favorite.src',
'./theme/'.$user['theme'].'/favorite.gif' );
$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['add_favorites_alt'].' ]' );
$vtp->closeSession( $handle, 'favorite' );
}
if ( $page['cat'] == 'fav' )
{
$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
$url.= '&expand='.$_GET['expand'].'&add_fav=0';
$vtp->addSession( $handle, 'favorite' );
$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
$vtp->setVar( $handle, 'favorite.title', $lang['del_favorites_hint'] );
$vtp->setVar( $handle, 'favorite.src',
'./theme/'.$user['theme'].'/del_favorite.gif' );
$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['del_favorites_alt'].' ]' );
$vtp->closeSession( $handle, 'favorite' );
}
//------------------------------------ admin link for information modifications
if ( $user['status'] == "admin" && is_numeric( $page['cat'] ) )
{
$vtp->addSession( $handle, 'modification' );
$url = './admin/admin.php?page=infos_images&cat_id='.$page['cat'];
$url.= '&num='.$page['num'];
$vtp->setVar( $handle, 'modification.link',
add_session_id( $url )."#".$page['id'] );
$vtp->setVar( $handle, 'modification.name', $lang['link_info_image'] );
}
//---------------------------------------------- next picture thumbnail display
if ( $page['num'] < $page['cat_nb_images']-1 )
{
$next = $page['num'] + 1;
$query = 'SELECT id,name,file,tn_ext,cat_id';
$query.= ' FROM '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ' LIMIT '.$next.',1';
$query.= ';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
if ( !is_numeric( $page['cat'] ) )
{
if ( $array_cat_directories[$row['cat_id']] == "" )
{
$cat_result = get_cat_info( $row['cat_id'] );
$array_cat_directories[$row['cat_id']] = $cat_result['dir'];
}
$cat_directory = $array_cat_directories[$row['cat_id']];
}
$file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
$lien_thumbnail = $cat_directory."thumbnail/";
$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
if ( $row['name'] != "" )
{
$alt_thumbnail = $row['name'];
}
else
{
$alt_thumbnail = $file;
}
$next_title = $lang['next_image']." : ".$alt_thumbnail;
$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
$url_link.= '&expand='.$_GET['expand'];
if ( $page['cat'] == 'search' )
{
$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
}
// sending vars for display
$vtp->addSession( $handle, 'next' );
$vtp->setGlobalVar( $handle, 'next.url', add_session_id( $url_link ) );
$vtp->setGlobalVar( $handle, 'next.title', $next_title );
$vtp->setGlobalVar( $handle, 'next.src', $lien_thumbnail );
$vtp->setGlobalVar( $handle, 'next.alt', $alt_thumbnail );
$vtp->closeSession( $handle, 'next' );
}
else
{
$vtp->addSession( $handle, 'previous_empty' );
$vtp->closeSession( $handle, 'previous_empty' );
}
//---------------------------------------------------- users's comments display
if ( $conf['show_comments'] )
{
$vtp->addSession( $handle, 'comments' );
// comment registeration
if ( isset( $_POST['content'] ) && $_POST['content'] != '' )
{
$author = $user['pseudo'];
if ( $_POST['author'] != "" )
{
$author = $_POST['author'];
}
$query = 'insert into '.PREFIX_TABLE.'comments';
$query.= ' (author,date,image_id,content) values';
$query.= " ('".$author."',".time().",".$page['id'];
$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."');";
mysql_query( $query );
}
// comment deletion
if ( isset( $_GET['del'] )
&& is_numeric( $_GET['del'] )
&& $user['status'] == 'admin' )
{
$query = 'delete from '.PREFIX_TABLE.'comments';
$query.= ' where id = '.$_GET['del'].';';
mysql_query( $query );
}
// number of comment for this picture
$query = 'select count(*) as nb_comments';
$query.= ' from '.PREFIX_TABLE.'comments';
$query.= ' where image_id = '.$page['id'].';';
$row = mysql_fetch_array( mysql_query( $query ) );
$page['nb_comments'] = $row['nb_comments'];
// navigation bar creation
$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
$url.= '&expand='.$_GET['expand'];
if ( $page['cat'] == 'search' )
{
$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
}
if( !isset( $_GET['start'] )
|| !is_numeric( $_GET['start'] )
|| ( is_numeric( $_GET['start'] ) && $_GET['start'] < 0 ) )
{
$page['start'] = 0;
}
else
{
$page['start'] = $_GET['start'];
}
$page['navigation_bar'] = create_navigation_bar( $url, $page['nb_comments'],
$page['start'],
$conf['nb_comment_page'],
'' );
// sending vars for display
$vtp->setGlobalVar( $handle, 'navigation_bar', $page['navigation_bar'] );
$vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] );
$query = 'select id,author,date,image_id,content';
$query.= ' from '.PREFIX_TABLE.'comments';
$query.= ' where image_id = '.$page['id'];
$query.= ' order by date asc';
$query.= ' limit '.$page['start'].', '.$conf['nb_comment_page'].';';
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
{
$vtp->addSession( $handle, 'comment' );
$vtp->setVar( $handle, 'comment.author', $row['author'] );
$displayed_date = $lang['day'][date( "w", $row['date'] )];
$displayed_date.= date( " j ", $row['date'] );
$displayed_date.= $lang['month'][date( "n", $row['date'] )];
$displayed_date.= date( " Y G:i", $row['date'] );
$vtp->setVar( $handle, 'comment.date', $displayed_date );
$vtp->setVar( $handle, 'comment.content', nl2br( $row['content'] ) );
if ( $user['status'] == 'admin' )
{
$vtp->addSession( $handle, 'delete' );
$vtp->setVar( $handle, 'delete.link',
add_session_id( $url.'&del='.$row['id'] ) );
$vtp->closeSession( $handle, 'delete' );
}
$vtp->closeSession( $handle, 'comment' );
}
// form action
$action = str_replace( '&', '&', $_SERVER['REQUEST_URI'] );
$vtp->setGlobalVar( $handle, 'form_action', $action );
// display author field if the user is not logged in
if ( !$user['is_the_guest'] )
{
$vtp->addSession( $handle, 'author_known' );
$vtp->setVar( $handle, 'author_known.value', $user['pseudo'] );
$vtp->closeSession( $handle, 'author_known' );
}
else
{
$vtp->addSession( $handle, 'author_field' );
$vtp->closeSession( $handle, 'author_field' );
}
$vtp->closeSession( $handle, 'comments' );
}
//------------------------------------------------------------ log informations
pwg_log( 'picture', $intitule_cat, $page['file'] );
mysql_close();
//----------------------------------------------------------- html code display
$code = $vtp->Display( $handle, 0 );
echo $code;
//------------------------------------------------------------ log informations
$query = 'insert into '.PREFIX_TABLE.'history';
$query.= ' (date,login,IP,page,titre,categorie) values';
$query.= " (".time().", '".$user['pseudo']."','".$_SERVER['REMOTE_ADDR']."'";
$query.= ",'picture','".$page['file']."','".$intitule_cat."');";
@mysql_query( $query );
?>